package team.nmsg.ge.system.init.shiro;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;

import team.nmsg.ge.system.bean.AppToken;
import team.nmsg.ge.system.service.ICacheService;
import team.nmsg.ge.system.util.SysSpringContext;



/**
 * Shiro登录与授权
 * @author Declan
 */
public class SysAuthorizingRealm extends AuthorizingRealm{
	private static final Logger logger = LoggerFactory.getLogger(SysAuthorizingRealm.class);
	
	
//	@Autowired
	private ICacheService cache;
	
	public ICacheService getCacheService(){
		if( cache==null ){
			cache = SysSpringContext.getService(ICacheService.class);
		}
		return cache;
	}
	
	@Override
	public boolean supports(AuthenticationToken token) {
		return token instanceof AppToken;
	}
	

	/**
	* 认证信息.(身份验证) : Authentication 是用来验证用户身份
	 * @param token
	 * @return
	 * @throws AuthenticationException
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		SimpleAuthenticationInfo info = null;
		try {
			Object credentials = authcToken.getCredentials();
			Object principal = authcToken.getPrincipal();
			info = new SimpleAuthenticationInfo(principal , credentials , getName());
			
		} catch (AuthenticationException e) {
			throw e;
		}
		return info;
	}
	
	
	
	@Override
	/**
	 * 授权
	 */
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();  
		//根据用户名获取权限
		String tokenKey = (String) principals.getPrimaryPrincipal();
		//根据tokenKey获取所有相应角色下的权限
		
		
		AppToken tokenObj = new AppToken();
		tokenObj.setToken(tokenKey);
		AppToken cacheToken = getCacheService().getTokenFromCache(tokenObj);
		if( cacheToken == null ){
			return info;
		}
		
		List<String> roles = cacheToken.getRoles();
		List<String> opers = cacheToken.getOpers();
		
		Set<String> roleSet = new HashSet<String>();
		roleSet.addAll(roles);
		info.addRoles(roleSet);
		
		Set<String> operSet = new HashSet<String>();
		
		for(String operStr : opers){
			JSONObject parseObject = JSON.parseObject(operStr);
			String string = parseObject.getString("operName");
			operSet.add(string);
		}
		info.addStringPermissions(operSet);

		
		return  info;
	}
	public static boolean isAdmin(){
//		return (Boolean) getShiroSessionAttr(SESSION_KEY_ISADMIN_BOOL);
		return false;
	}
}
